CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2013-5480
https://notcve.org/view.php?id=CVE-2013-5480
27 Sep 2013 — The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733. La implementación DNS sobre TCP en Cisco IOS 12.2 y 15.0 hasta 15.3, cuando se utiliza NAT, permite a un atacante remoto causar una denegación de servicio (recarga del dispositivo) a través de un stream IPv4 DNS TCP manipulado, tambien conocido como Bug ID CSCuf28733. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-nat • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 47EXPL: 0CVE-2013-5472
https://notcve.org/view.php?id=CVE-2013-5472
27 Sep 2013 — The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226. La implementación NTP en Cisco IOS 12.0 hasta 12.4 y 15.0 hasta 15.1, e IOS XE 2.1 hasta 3.3, no maneja apropiadamente la encapsulación de paquetes multicast NTP en los mensajes M... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ntp • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2013-5481
https://notcve.org/view.php?id=CVE-2013-5481
27 Sep 2013 — The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817. La implementación PPTP en Cisco 1.2.2 y 15.0 hasta 15.3, cuando se utiliza NAT, permite a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través de paquetes TCP manipulados (port-1723), aka Bug ID CSCtq14817. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-nat • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2013-5477
https://notcve.org/view.php?id=CVE-2013-5477
27 Sep 2013 — The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service (interface queue wedge) via bursty network traffic, aka Bug ID CSCub67465. La funcionalidad T1/E1 driver-queue en Cisco IOS 12.2 y 15.0 hasta 15.3, cuando se utiliza un controlador HDLC32, permite a atacantes remotos causar una denegación de servicio (interface queue wedge) a través de tráfico de red en ráfagas, tambien conocido como ug ID CSCub674... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-wedge • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-5473
https://notcve.org/view.php?id=CVE-2013-5473
27 Sep 2013 — Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed IKEv1 packets, aka Bug ID CSCtx66011. Fuga de memoria en Cisco iOS 12.2, 15.1 y 15.2, iOS XE 3.4.2S hasta la versión 3.4.5S; e iOS XE 3.6.xS anterior a 3.6.1S permite a atacantes remotos causar una denegación de servicio (consumo de memoria o recarga del dispositivo) a través de paquetes IKEv1 mal... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ike • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2013-5479
https://notcve.org/view.php?id=CVE-2013-5479
27 Sep 2013 — The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCtn53730. La implementación de DNS sobre TCP en Cisco IOS 12.2 y 15.0 hasta 15.3, cuando se utiliza NAT, permite a un atacante remoto causar una denegación de servicio (recarga del dispositivo) a través de un stream Ipv4DNS TCP manipulado, tambien conocido como Bug ID CSCtn53730. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-nat • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5474
https://notcve.org/view.php?id=CVE-2013-5474
27 Sep 2013 — Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device reload or hang) via fragmented IPv6 packets, aka Bug ID CSCud64812. Condición de carrera en la implementación de IPv6 virtual fragmentation reassembly (VFR) en Cisco IOS 12.2 hasta 12.4 y 15.0 hasta 15.3 permite a un atacante remoto causar una denegación de servicio (recarga o cuelgue de dispositivo) a través de paq... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ipv6vfr • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-1147
https://notcve.org/view.php?id=CVE-2013-1147
28 Mar 2013 — The Protocol Translation (PT) functionality in Cisco IOS 12.3 through 12.4 and 15.0 through 15.3, when one-step port-23 translation or a Telnet-to-PAD ruleset is configured, does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a PT resource, aka Bug ID CSCtz35999. La funcionalidad Protocol Translation (PT) en Cisco IOS v12.3 hasta v12.4 y 15.0 hasta 15.3, cuando estan configuradas una traduccion one-s... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-pt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2013-1146 – Cisco IOS Smart Install Configuration File Upload Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1146
28 Mar 2013 — The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790. La funcionalidad Smart Install del cliente de Cisco IOS v12.2 y v15.0 hasta v15.3 en los switches Catalyst permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de una lista de parámetros imagen en los paquetes de Sm... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-1142
https://notcve.org/view.php?id=CVE-2013-1142
28 Mar 2013 — Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745. Condición de carrera en la funcionalidad VRF-Aware NAT en Cisco IOS 12.2 a la 12.4 y 15.0 a la 15.2, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de paquetes IPv4. Aka Bug IDs CSCtg47129 y CSCtz96745. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •